Backdoor Server Virus - Anyone else notice this?

 

I just updated my antivirus definitions and let my program do a full search of my laptop overnight last night.

When I got up the program had found 2 programs infected with the BDS/Hupigon.lpce virus.

The programs?

TTSVoiceEditor_V284.zip & TTSVoiceEditor.exe

lpce is apparently a relatively new variant of the Hupigon BDS which could explain why my AV didn't pick it up sooner.

Not pointing any fingers. Just curious if the zip file is the vector and if anyone else has found the same infections...

--
Nuvi 2595LMT, Nuvi 1490T, Nuvi 260, GPSMAP 195

.

rocknicehunter wrote:

The programs?

TTSVoiceEditor_V284.zip & TTSVoiceEditor.exe

lpce is apparently a relatively new variant of the Hupigon BDS which could explain why my AV didn't pick it up sooner.

Where did you get version 2.84 from? I don't see version 2.84 at the following:
http://turboccc.wikispaces.com/TTSVoiceEditor

Submit the ZIP or EXE to http://www.virustotal.com/ and have them scanned.

Additional info (reason why 2.84 doesn't exist):
http://turboccc.wikispaces.com/message/view/Support/26602027

That's where

Yep, I got it directly from there.

When I google "TTSVoiceEditor_V284.zip" I see this version was mentioned on Turbo's pages but all of the pages that referenced this version, with the exception of the one you cite, now have been edited and this version removed.

I just downloaded the current version and my AV does not find anything suspicious.

I like what the program does but will hold off re-installing the latest version for now.

Thanks

--
Nuvi 2595LMT, Nuvi 1490T, Nuvi 260, GPSMAP 195

TTS Voice Editor

rocknicehunter wrote:

Yep, I got it directly from there.

When I google "TTSVoiceEditor_V284.zip" I see this version was mentioned on Turbo's pages but all of the pages that referenced this version, with the exception of the one you cite, now have been edited and this version removed.

I just downloaded the current version and my AV does not find anything suspicious.

I like what the program does but will hold off re-installing the latest version for now.

Thanks

I have version 286 and don't seem to have a problem with it is 284 a newer version.

Read page 10

http://www.poi-factory.com/node/16263?page=9

It's happened to someone else in the past and you'll see why version 284 was removed by Turboccc as a precautionary mesure.

Cheers

--
Nüvi 255WT with nüMaps Lifetime North America born on 602117815 / Nüvi 3597LMTHD born on 805972514 / I love Friday’s except when I’m on holidays ~ canuk

Excellent

Thanks canuk. I had missed that entirely. I'll go ahead and install the current version and put this thread to rest.

--
Nuvi 2595LMT, Nuvi 1490T, Nuvi 260, GPSMAP 195

virus - false positive

--
nuvi 1690 with ecoRoute HD, SP2610 (retired), Edge 305, Forerunner 405

AVG virus program

AVG just recognized the program as a virus. I sent it to their lab to analyze and they say it is a virus, not a false positive.

Thanks, Gene.

Thanks, Gene.

--
Nuvi 660 -- and not upgrading it or maps until Garmin fixes long-standing bugs/problems, and get maps to where they are much more current, AND corrected on a more timely basis when advised of mistakes.

Avast

rocknicehunter wrote:

I just updated my antivirus definitions and let my program do a full search of my laptop overnight last night.

When I got up the program had found 2 programs infected with the BDS/Hupigon.lpce virus.

The programs?

TTSVoiceEditor_V284.zip & TTSVoiceEditor.exe

lpce is apparently a relatively new variant of the Hupigon BDS which could explain why my AV didn't pick it up sooner.

Not pointing any fingers. Just curious if the zip file is the vector and if anyone else has found the same infections...

Avast found it and deleted it about 2 months ago. Go the the TTS Voice editor's website and download the current file. Delete all instances of TTS voice editor and then reinstall the new file.

Coerage should be good now...

Coverage on this one should be pretty good now with most av products -- I'll check with our security folks when I'm back in the salt mines.

--
Nuvi 2460, 680, DATUM Tymserve 2100, Trimble Thunderbolt, Ham radio, Macintosh, Linux, Windows

Go figure!

gene1951 wrote:

AVG just recognized the program as a virus. I sent it to their lab to analyze and they say it is a virus, not a false positive.

Yes, this virus thing is killing me! In the sense it is going on my nerves! smile

I have had AVG for years! It never prompted me any errors. I wonder how you got one! Can you tell me which virus was reported and on which file/version?

Last week, I uninstalled AVG and installed Dr. Web because I user reported a similar problem. My system was scanned and no virus was found. Where is this coming from?

I also scanned the files with an online mega anti-virus engine (can`t remember the name) and 9/43 or 12/43 anti-virus detected problems. Most major anti-virus did not detect anything.

Whatever AVG says, it still can be a false positive. If anybody provide enough information and the proper anti-virus engine able to detect it, I`ll install it and clean my system if anything is there.

Like I said, it kills me and I take this seriously, but so far no anti-virus found anything.

Let me know.

Turbo

Try House Call by Trend Micro

http://housecall.trendmicro.com

Online A/V scanner. See what comes up with that. Very thorough and up to date.

Just another thought. Another great utility I use is Vipre Rescue by Sunbelt Software.

http://live.sunbeltsoftware.com

This is a command line A/V scanner that will bring even the most infected PC back to life (at least to the point where you can get your vital files off before wiping it grin)

--
Striving to make the NYC Metro area project the best.

I don't understand

turboccc wrote:
gene1951 wrote:

AVG just recognized the program as a virus. I sent it to their lab to analyze and they say it is a virus, not a false positive.

Yes, this virus thing is killing me! In the sense it is going on my nerves! smile

I have had AVG for years! It never prompted me any errors. I wonder how you got one! Can you tell me which virus was reported and on which file/version?

Last week, I uninstalled AVG and installed Dr. Web because I user reported a similar problem. My system was scanned and no virus was found. Where is this coming from?

I also scanned the files with an online mega anti-virus engine (can`t remember the name) and 9/43 or 12/43 anti-virus detected problems. Most major anti-virus did not detect anything.

Whatever AVG says, it still can be a false positive. If anybody provide enough information and the proper anti-virus engine able to detect it, I`ll install it and clean my system if anything is there.

Like I said, it kills me and I take this seriously, but so far no anti-virus found anything.

Let me know.

Turbo

If AVG isn't reporting a problem, why do you think you have one? In my case, Avast is setup to scan my system once a week and it found the file after a scan. It deleted the file and reported the problem to me. I did some checking and found out that the file Avast deleted carried a later version number than the one on the website. I downloaded and installed the good file and everyone is now happy.

But Avast reported the virus and that started it. If AVG isn't reporting a virus then you probably don't have one.